Nissan reveals ransomware attack exposed 53,000 workers' social security numbers


May 17, 2024

Promo Protect all your devices, without slowing them down.
Free 30-day trial
Nissan reveals ransomware attack exposed 53,000 workers' social security numbers

Nissan North America has revealed that extortionists who demanded a ransom after breaking into its external VPN and disrupted systems last year also stole the social security numbers of over 53,000 staff.

The security breach occurred on November 7, 2023. Upon initial investigation, Nissan and external experts brought in by the firm found that although cybercriminals had accessed its systems without authorisation, the only data access had been mostly business-related. This was communicated to workers in a Nissan Town Hall meeting on December 5, 2023.

Unfortunately, Nissan now finds itself in the embarrassing position of having to warn workers that sensitive personal information was accessed by the hackers - including the names and social security numbers of over 53,000 current and former employees.

The car company warned staff in a data breach notification letter of the possibility of fraud or identity theft as a result of the breach, but has not seen any evidence that this has occurred to date.

Nissan has confirmed the accessed data does not include financial information related to the individual workers. The company has offered free 24-month credit monitoring and identity theft protection through Experian for affected employees.

It's not the first time that Nissan has suffered at the hands of hackers.

For instance, in December 2023, Nissan Australia and New Zealand suffered an attack by the Akira ransomware gang which exposed details belonging to 100,000 of the company's customers, dealers, and current and former staff.

Nissan estimated that around 10% of individuals affected had had some form of government identification compromised - including tax file numbers, driving licenses and passports.

In January last year, Nissan North America discovered a "severely mismanaged" server had leaked the proprietary source code of its mobile apps and marketing tools.  It later emerged that the server was "protected" by the username/password combination of admin:admin.

In the same month, 17,998 Nissan North America customers were affected by a breach at a third-party service provider.

And back in 2016, Nissan shut down its global websites after finding itself on the sharp end of a distributed denial-of-service (DDoS) attack linked to an Anonymous protest about dolphin culling in Japan.




Graham Cluley is an award-winning security blogger, researcher and public speaker. He has been working in the computer security industry since the early 1990s.

View all posts

You might also like